Posted
by
timothy
on Thursday October 25, 2012 @04:03PM
from the as-if-I-can-read-chinese-at-all dept.

An anonymous reader writes "A new version of the Trusted Platform Module, called TPM2 or TPM 2.0 by Microsoft, has apparently been designed specifically for the release of Windows 8 this week. The details of this new standard have been kept secret. But a major update to the original TPM standard, which came out 10 years ago, seems to have been very quietly released on the Trusted Computing web site (FAQ) earlier this month. Following in the footsteps of the original, this version is quite a challenging read (security through incomprehensibility?). But this new version also seems to support some controversial crypto algorithms that were made public by the 'State Encryption Management Bureau' of China for the first time about 2 years ago. This is roughly the time that Microsoft seems to have begun working in earnest on TPM2, Windows 8, and probably even Surface. But that's probably just a coincidence. This crypto is controversial because of serious EU concerns with domestic restrictions on the implementation, use, and importation of cryptography in China."

How about NSA's Type I ciphers? They are classified TOP SECRET. Would you say they are "weak" or "badly designed?" Do you think NSA keeps them secret because they believe in security through obscurity?

Surely they keep them secret because they don't want other people/countries using them.
Or do they provide a closed implementation for everyone to use?

How about NSA's Type I ciphers? They are classified TOP SECRET. Would you say they are "weak" or "badly designed?" Do you think NSA keeps them secret because they believe in security through obscurity?

Surely they keep them secret because they don't want other people/countries using them.
Or do they provide a closed implementation for everyone to use?

They keep them secret because (a) they don't want to reveal their design principles to others and (b) because then instead of attackers being able to immediately start with attacking the algorithm they first have to spend quite a bit of effort just finding out what the algorithm is before they can start attacking it (look at all the crap crypto used in things like RFID transponders that took ages to break because the details weren't readily available). NSA also has special algorithms designed for high-risk

Actually, why is Security Through Obscurity laughable? Don't underestimate people's psychology. If we don't know how the thing works, we usually have better opinion about its guts than they actually deserve;) (yeah, this also works in favor of proprietary software). Moreover, if you used publicly available algorithm Foo, but disguised it so it's not obvious that it was Foo, that provides you with an additional layer of protection in case some basic flaw in Foo's design is discovered.

I'm surprised you've not been skewered, perhaps it's because there's truth in what you say, but your assumptions are way way off. "Normal people" would behave as you say. Governments and hackers operate on an entirely different level and with different motivations, so making something obscure does not deter them at all. And lastly, wrapping some public function Foo and obscuring it provides you with exactly 0 layers of protection should a flaw with Foo be found. For one example, look at all the vectors asso

Nope - because "Normal People" wouldn't be especially interested in the possibility to begin with. Heck, normal people didn't even nick their 3.5 floppies to get double the space, instead buying "approved" 1.44 HD floppies. You think normal people are going to be attempting to crack anything?

Still, even putting aside possible deterrent effect on wannabe hackers and script kiddies who, in my opinion, come from "normal people" (but I don't want to argue about this minor point), I don't see how "security through obscurity" is a "laughable concept" as OP asserted. Provided that you aren't developing underlying tech from scratch but consulting/employing experts in the field, a "smoke screen" around your tech is going to strengthen your security, not weaken it.

Whenever I hear people say "security through obscurity is no security at all" like some mantra first I laugh and then I remind them that passwords are an instant counter argument; the passwords, "password" or "12345678" are not obscure and thus suck. The password "g*&Gug®¥øç¥" on the other-hand rocks (Other than being really hard to remember or type)

My 16 digit CC number along with 4 digit expiry and the 3 digit number on the back are quite secure if I keep them safe and obscure

Whenever I hear people say "security through obscurity is no security at all" like some mantra first I laugh and then I remind them that passwords are an instant counter argument; the passwords, "password" or "12345678" are not obscure and thus suck. The password "g*&Gug®¥øç¥" on the other-hand rocks (Other than being really hard to remember or type)

Well if you are going to ignore the accepted and industry standard meaning of terms you can laugh at anything. Saying that passwords are "security through obscurity" is like saying "booting windows is a bad idea because you might break them". See Kerckhoffs's principle [wikipedia.org]: "Stated simply, the security of a cryptosystem should depend solely on the secrecy of the key and the private randomizer.[Another way of putting it is that a method of secretly coding and transmitting information should be secure even if ev

Ah but that is exactly what groups like the NSA do. They use algorithms that nobody knows. I suspect, and would bet, that they have crack teams working on cracking known algorithms in order of popularity. The mere fact that their system is unknown or obscure gives it extra security. If they crack any of the better know algorithms I doubt they will go Eureka!, quick, publish our crack in CS101 magazine. But good luck cracking theirs the one that you don't even know exists. It might have some big holes but th

Which only means that people with SECRET or TOP SECRET clearance will not have the clearance to know if AES is breakable. People above these clearance levels may very well use other forms on encryption that the NSA cannot break, and may very well know AES is breakable by the NSA. It also means that NSA believes the common folk cannot break AES and decrypt SECRET or TOP SECRET information.Just the devils advocate. I personally do not believe NSA can break AES. But the usage of AES for a particular cl

To encrypt top secret documents with algorithms known to be breakable is negligent. If its breakable by the NSA by brute force, NSA doesn't have the worlds fastest computers, so they are not the only ones capable. If its a flaw in the algorithm, its a public algorithm, so the NSA are not the only ones analysing it.

There's obvious proof that the NSA doesn't have the fastest computers on earth -- they aren't a Wall Street trading firm.

Nobody on EARTH spends more staggering amounts of cash on endless tiny incremental upgrades to ensure that their computers are always the fastest computers on earth. They develop their own FPGA-accelerated algorithm accelerators that are hand-tuned to execute their algorithms faster than even the fastest general-purpose computer hardware.

Perhaps you are unaware that NSA gave us SHA-1, SHA-256 and DSA. The reason NIST holds public competitions is so that the tin-foil hatters wont get in an uproar about NSA creating a "backdoored' standard. It also helps satisfy foreign entities who wouldn't feel comfortable with America controlling and creating such a standard. The fact that anyone from any nation can submit ciphers helps ease this suspicion.

I would agree that the "backdoored" standard is a real threat. Just look at things like chipsets from China with backdoors built in. Kind of reminds me of the TPM initiative. I'm sure there are plenty more.

I'm more inclined to believe that a one time pad is used for the juicy stuff. Now, if you wish to go around believing anything the NSA says publicly, knock yourself out, but considering their very nature, I don't..

Many of the world's best cryptographers work or worked for the NSA or GCHQ.

They invented and have provided proof that they had algorithms 20 years before the civilian world didn't, including PKI.

Now -- just because they once were years ahead does not mean they presently are, but part of the deal with classified systems is there's no way we could ever know until years later if the best/public/ worldwide cryptographers are ahead or behind.

Wrong. NSA has been doing crypto decades before the academic world got interested in it. They have a huge head start. For instance, they knew about differential cryptanalysis in the 70's, while the academic world didn't discover it until the early 90's. They knew about public key crypto several years before Diffie independently discovered it. These are only two examples, there are many more.

Second, the number of PhD mathematicians they have specializing in crypto is greater than the rest of the world's

This probably has more to do with signed crypto modules than some secret method of encryption. The Chinese probably want to build and sign their own rather than 'trust' something compiled in the EU/USA. Big deal. We'd do the same.

could also be to ensure someone doesn't install an OS which bypasseshttp://opennet.net/chinas-green-dam-the-implications-government-control-encroaching-home-pcSo you'd have the choice of a few domesticly vetted and modified Operating Systems.

microsoft my guess seems up to the task of supporitng chineese censorship at every turn in exchange for being able to do business unmolested, as they have been. I could only speculate they see censorship as a good thing, and further might be able to work it in their ad

Well guys, I don't know about you, but I have only one question: Is it a separate chip on the motherboard? Because if it is, I'm hosting SMC desoldering classes the day this thing hits the market. Who'd have thought the day would come when we'd have to modchip our own damn computers...

TPMs do provide some good security for what they are worth. Not perfect, but it helps immensely with laptops, because if done right, a thief has to be able to get in via the OS, as well as have the proper PIN [1], and perhaps even a USB flash drive with a keyfile on it in order to boot.

[1]: Too many wrong guesses, the TPM won't accept any PIN requests for x amount of time, the value doubling each wrong time.

Well guys, I don't know about you, but I have only one question: Is it a separate chip on the motherboard? Because if it is, I'm hosting SMC desoldering classes the day this thing hits the market. Who'd have thought the day would come when we'd have to modchip our own damn computers...

Depends on the implementation. Some TPMs are not exactly hard to remove [wikimedia.org](that riser card on the LPC headers is sold as an option for that particular motherboard, so they made it easy to add or remove.

Some, like the chip on which that Asus module is based, or a bunch of the Infineon and Atmel ones, are reasonably civilized TSSOPs. Not hard to remove, allegedly packaged to be hard to tamper with at a chip level; but it's your problem if the firmware/BIOS/whatever flips out and refuses to do anything until the TPM is restored(and each one has a unique, and kept secret from you, RSA key burned in, so you have fun cloning/impersonating it to a hostile chipset...)

If, on the other hand, you have a system with something like the Intel GM45 [intel.com] chipset, you'd better have your microscope and ion beam ready because the TPM is on the same silicon as the motherboard chipset.

The TPMs from the likes of Broadcom are somewhere in the middle: They are integrated directly with some of the company's ethernet(and possibly other; I'm only familiar with the ones in some GigE products) chips; and aren't exactly going to be trivial to remove; but your computer will still work if you take a screwdriver to that part, unlike the Intel ones.

Don't be ridiculous. You don't have to modchip your motherboard. The TPM chip is, and always has been, something that provides services to the CPU on demand. It can't control your computer. The computer you're using now probably has one already and it may be used for such nefarious purposes as making disk encryption more secure.

Trusted computing has a needlessly bad rap because of kneejerk reactions like this one. In fact it's a flexible and general tool that can be used for many purposes. For example, you can use it to do sensitive operations on a computer compromised by malware. Games can use it to kick out cheaters. Things get especially interesting when you throw Bitcoin in the mix. It makes feasible autonomous agents [bitcoin.it], a form of evolutionary AI in which programs maintain their own wallets and rely on trusted computing technologies to protect them from potentially malicious humans who want to steal their money. You can also use it to make sensitive financial platforms like exchanges more secure against hackers. The actual cryptography needed to move money can be done inside the secure world with the root keys being held in the TPM chip. The secure code (PAL) verifies and sanity checks the requested operations. Even if the host machine is completely rooted and starts submitting false orders, it can only submit requests to the secure subsystem, it can't directly steal the money.

Remote attestation is useful any time somebody might want to trade or interact with you but have some assurances around how your computer may behave. DRM was one of the original driving motivations indeed, but even here the way the system works is not "evil" in any sense unless you have a truly warped idea of human relations. The technology lets you prove to some online store that you will follow the rules around using the stuff you're buying - like not simply uploading it to a file sharing network. But if you don't find the terms that store requires acceptable, you just don't shop there: they can't actually force you to run any software or put your computer into any particular state. In other words it lets you prove you are doing what you said you'd do, alternatively, it is designed to make it hard to lie - just a mechanical way to enforce contracts. Unless you're routinely in the habit of defrauding people you enter into contracts with, such a capability should not concern you. And the standards are completely open. You can run such an online store on your own Linux box in your bedroom if you like - there's nothing that tips the playing field in favor of Microsoft or other companies (which is why Bitcoin agents can use it).

Trusted computing has a needlessly bad rap because of kneejerk reactions like this one. In fact it's a flexible and general tool that can be used for many purposes.

Because I'm lazy, I'll just copy and paste a comment I made in another thread about TPM

Ever since TPM was created, we're always just a few bits and bytes away from having it leveraged against us, by them.And by "us" I mean "the computer users."By "them" I mean "the hardware manufacturers and software/media companies."

Example: The newest motherboards don't *need* the ability to disable trusted boot. Heck, it'd have been easier to not include it!We're more or less at the mercy of a small number of companies and their design decisions.

" they can't actually force you to run any software or put your computer into any particular state."

It certainly is a good thing that nobody involved in computers, software, internet services, etc. has any significant market power... Also good that nobody would ever attempt to mechanically enforce a contract that gives them greater rights than contract law allows(this is why, for instance, DRM systems never trample on fair use rights...)

Don't be ridiculous. You don't have to modchip your motherboard. The TPM chip is, and always has been, something that provides services to the CPU on demand. It can't control your computer.

It can, however, be used to authenticate the BIOS image and the host OS, and completely refuse to run if the machine isn't running a stock BIOS with a manufacturer-signed OS. It's great for securing industrial controllers, web servers, tablet PCs, smartphones, routers, laptops, notebooks, netbooks, embedded systems, desktops, and home entertainment systems who are obviously owned by people just trying to pirate stuff. But no, it doesn't control your computer. Dell and Microsoft do that.

This Chinese crypto is controversial "because of serious EU concerns with domestic restrictions on the implementation, use, and importation of cryptography in China". That doesn't explain much. As I understand it, TPM cannot be deployed in China because of restrictions on crypto in that country.
Does this addition enable deployment of TPM in China? (I'd expect it would, why else add it)
Is it controversial because this specific algorithm has a backdoor, giving Chinese users a false sense of security?
Is

I take this categorization of my post as an honor. The fact that Microsoft would deal this way with China indicates China has virtual monopolistic power over the products they allow into China when they choose to do it.

I personally do not think the Chinese can be trusted and would not believe they would play fair. For god's sake, there are people in their country who make fake baby formula and medicine which have killed people. There is no way I can trust them.

From the FAQ: "TPM 2.0 is intended to be usable for a very broad range of platforms from embedded systems to mobile devices to PCs to servers."
In other words, TCG is not dead but actively pushing TPMs to new platforms.

A use case: in case of theft, the permanent storage of your device can be protected against reading the flash memory (of course, assuming your device is locked in the first place) in the same fashion as Bitlocker works on PCs.
The secret key with which your corporate data is encrypted can be stored in the TPM bound to a password and/or PCRs. (Assuming, of course, that the TPM itself is not hacked using physical attacks (DPA, etc.). But at least, it raises the bar for the average thief.)

If you ignore all the weird DRM-ish uses (which are basically unsupported for now anyway [1]), the TPM makes a nice cryptographic token. Unfortunately, TPM v1.1 hard-coded the OAEP label to "TPM", which made it incompatible with everything. TPM v2.0 fixes this -- the label is now user-specified. That means that you can use it for modern hardware crypto (sadly, using SHA-1, which should be phased out).

I think that page is wrong, most TPMs do have EKs. Infineons certainly do and IIRC they're the most popular model. However this does not change your point that the DRM use case was never really functional and work on it seems to have been largely abandoned, perhaps due to the staggering complexity involved.

Making DRM work for things like movies was probably always going to be a non-starter on platforms as heterogenous as the PC. To make it work there'd have needed to be not only unbelievably tight synchroni

Over the least few months there has been a relentless barrage of negative stories about China. Many commentators seem to assume that any technology China has is stolen, all Chinese products are cheap crap and contain government backdoors, and all Chinese people are somehow brainwashed by the government.

China is a big place. There is a huge diversity of people. They have some really strong R&D, lots of good scientists doing cutting edge work. They make some damn good products, for example world class hif

The headline is slighly misleading. It's not MSFT's spec, it's the Trusted Computing Group (TCG) and their TPM spec.

One of the goals of the new TPM spec was to allow a better way to replace some algorithms because the original TPM spec entangle SHA1 hash in such a way (with the PCR extension mechanism) that it was difficult to replace that hash algorithm when weakness was discovered that algorithm and people wanted to replace it. Once you change the design and open that up you should probably include the usual suspects.

Some interesting additional algorithms added to the support library were SM3_256 [ietf.org] and SM4 (the hash and symmetric key algorithms mandated for use in chinese DRM), WHIRLPOOL512 [wikipedia.org] (hash function from NESSIE). In addition of the normal RSA public key stuff, they've also added ECC, ECDSA, ECDH, ECDAA, ECSCHNORR (a smattering of ellipitic curve based standards) to the mix in order to help gain acceptance in those markets that want/need shorter key lengths that are available to EC-derived algorithms that presumably have similar security to their RSA counterparts with longer keys.

Interestingly, although they include the SHA2 family of hash functions as an SHA1 upgrade, the newly minted SHA3 was strangely absent. Also, I don't think they have included SM2 [ietf.org] (the chinese ECC signature technique), but that's probably just an oversight. I expect both of these omissions to be remedied with the next release.